Instead of reverse engineering vulnerabilities to find 0day, hackers can now reverse security products. More and more companies are buying and commercializing 0day vulnerabilities and exploits. This includes offensive hacking toolkits, and also defensive products like vulnerability assessment appliances, intrusion detection systems, and intrusion-prevention systems. In this paper, we will demonstrate that it’s possible to crack open a defensive product in order to get its 0day information. While we focus on one particular example here, the techniques are directly applicable to most other security products.